I have one NTFS partition on each of my XP PCs, the smallest of them about 40GB. I'm using that partition as a workspace for video editing, that's the only reason why I chose NTFS at all.

Does that mean that you are installing XP on a FAT partition, which is basically the same as disabling all security features based on file-permissions?

Quote:

Don't use a virus scanner at all.

Quote:

But I do not update Windows - because I trust the Open Source community, but not Microsoft. It's a sad fact that the most imminent danger to stability and trustworthiness of a Windows PC comes from Redmond.

Nope, the most imminent danger comes from uninformed users. You are just stating here that you never fix known security holes (although the OS developer delivers patches) and also don't run software which at least partially can prevent the symptoms caused by that behavior.
In short, you are disabling the security features (if my guess is right and you do install XP on a FAT partition), not fixing known holes and don't run software that can make your system more secure. In such a configuration it doesn't even help to run the system as an unprivileged user.

Sorry I have to say that, but IMHO advice like this is the most imminent danger to Windows systems and behaviors like yours are at least one reason why there are so many Windows zombie machines out there.

Does that mean that you are installing XP on a FAT partition, which is basically the same as disabling all security features based on file-permissions?

Yes, of course. As long as Windows won't let me grant permissions based on a whitelist of processes that are entitled to a certain operation, the system is crap. All access control is based on the user, which is nonsense because I, the user, would like to do certain things using one application, while protecting me against modifying a file with another application. The Windows security model doesn't allow that. Neither does the Unix model, for that matter.

Quote:

Originally Posted by TobiSGD

You are just stating here that you never fix known security holes (although the OS developer delivers patches) and also don't run software which at least partially can prevent the symptoms caused by that behavior.

True, but in the first place I'm not running software that exposes these known security holes - or I'm using it in a way that won't expose them.

Quote:

Originally Posted by TobiSGD

In such a configuration it doesn't even help to run the system as an unprivileged user.

Which I don't do on Windows, either, as you may have feared.

Quote:

Originally Posted by TobiSGD

Sorry I have to say that, but IMHO advice like this is the most imminent danger to Windows systems and behaviors like yours are at least one reason why there are so many Windows zombie machines out there.

No, on the contrary. It's my skepticism that protects me and prevents my machines from getting affected or infected. At the slightest indication of anything suspicious, I put a PC in quarantine until I find (in most cases) that it's something harmless that triggered my brain's alarm. Such a hint could be an unknown process showing up, a file that suddenly appears or has been changed without my wanting so, or unusual messages that turn up somewhere, or network activity I can't spontaneously account for.
I've been running many PCs at first with Windows 95/98 that way successfully for many years, then with Windows 2000 and XP. My experience tells me that this is the best practice - and it makes sure I don't get any of the generously distributed viruses, trojans or backdoors of any kind directly from Redmond, or get some precious feature disabled unexpectedly.

True, but in the first place I'm not running software that exposes these known security holes - or I'm using it in a way that won't expose them.

Which basically means you have found a way to uninstall the Internet Explorer, have not installed any other browser and never use any software that downloads data from the net. In other words, you have Windows only for staring at an idling desktop.
You also don't use PDF readers, media players and other stuff that can be exploited. Question: How do you check for processes, network activity and such when you have a root kit installed?

Which basically means you have found a way to uninstall the Internet Explorer, have not installed any other browser and never use any software that downloads data from the net. In other words, you have Windows only for staring at an idling desktop.

No, only I read about most of the threats that have become known and wonder what strange circumstances it takes to really make them effective. Oh, and I prefer to use old versions of programs because most of their flaws are known, and I know they don't bother me. I have Internet Explorer 5.5, 6.0 and 8.0 installed on three different machines, one of them just a VM, but I'm not using it (other than the way it's integrated in the shell), and on my Windows PCs, I'm using MS Office 97, Opera 8.x, Thunderbird 1.5 and Videolan 1.05 (Videolan 1.1+ seems to require Windows 7 anyway, it complains about missing DLL entry points on 2k/XP).

Quote:

Originally Posted by TobiSGD

You also don't use PDF readers, media players and other stuff that can be exploited.

I use Foxit Reader 3.x, and I'm aware that there might always be a yet unknown exploit with some software. However, most of the software on my Windows PCs being more than 3 years old, I assume these would already be known.

Quote:

Originally Posted by TobiSGD

Question: How do you check for processes, network activity and such when you have a root kit installed?

Windows task manager and the network "active" LED. And I know I have no rootkit, because I don't give them any chance to get on my PC. Besides, it would affect the timing of the boot process, yet another giveaway. So on the whole, I can't understand how an advanced or expert user might get their PC infected. I wouldn't blame the average unskilled user, but for someone like us it's like a sniper missing a cargo van: You have to be damn careless.

So on the whole, I can't understand how an advanced or expert user might get their PC infected. I wouldn't blame the average unskilled user, but for someone like us it's like a sniper missing a cargo van: You have to be damn careless.

[X] Doc CPU

Drive by downloads, getting data from users that you trust, but followed your advice, ... By the way, root kits can't be seen in the task manager and it should be no problem to hide network activity within normal network activity if the network LED is your only indicator. Also, almost any root kit is so small that it loads and executes in a time scale so small that you wouldn't notice anything.
I still think that your advice is simply irresponsible and dangerous.

Drive by downloads, getting data from users that you trust, but followed your advice, ... By the way, root kits can't be seen in the task manager and it should be no problem to hide network activity within normal network activity if the network LED is your only indicator. Also, almost any root kit is so small that it loads and executes in a time scale so small that you wouldn't notice anything.
I still think that your advice is simply irresponsible and dangerous.

I suspect Intel / VMware is working on killing root kits by monitoring the 1st "block" of instructions the CPU gets. Any variance from the norm would indicate a boot (rooting) issue, etc.

Nice thing about a VM environment is that you can scan the image from a process outside of the VM. If it's a physical machine booting from SAN or the like, you can scan the SAN from an outside process with a read-only setup to the disk space.

Roots are a pita when the system is physical and boots from local disk.

Windows 8 has the worst interface to ever be conceived. Once it is released to the general public, Microsoft will either go under entirely or lose so much of their market share that they will cease to be remotely relevant in the modern computing landscape.

With luck, shocked and horrified former users of Windows 7 will start researching other options for their computer systems. Naturally, a good percentage of them will move to OSX, but with luck the rest will switch to Linux. Perhaps we will see some kind of significant jump in user-base, for once.

Actually ... even though the Windows-8 user interface is indeed one of the "suck-iest" ones that their Marketing Department has come up with yet (and that's saying a lot), the underlying architecture of the system is actually robust. Including a very thorough (baroque, really...) "roles based" integrated security model.

Doc, you can, in fact, designate "roles" that contain the security restrictions that you want, then associate users and processes with those roles.

There are two basic problems. First, Microsoft actually disables most of that security on the "home edition" versions of the product. Second, they do not ship most of the necessary tools on anything but the most-expensive ones. They make the necessary information quite difficult to find on MSDN, although it is there ... and the whole damned system is, as I said, baroque.

"Once you figure out how-the-hell to do it," Windows will do it. But it will only do it "the Microsoft way." At least, that's the only reasonably-easy way to do it...

I run Windows in virtual machines at this point. And I make each one of them believe that they are in a centrally managed setup, obeying LDAP (nee OpenDirectory) rules, along with the Linux systems. Windows isn't happy with the idea but will do it. Linux (and OS/X) handle it with a smile.

Gnu/Linux is certainly the best OS but the average computer students are taught by their schools how to use and only how to use Microsoft software; this M$ attained by lobbying and bribing politicians and policy makers in the government --an art that FSF has no means of doing. I think every user needs to help countering it.

Windows 8 has the worst interface to ever be conceived. Once it is released to the general public, Microsoft will either go under entirely or lose so much of their market share that they will cease to be remotely relevant in the modern computing landscape.

With luck, shocked and horrified former users of Windows 7 will start researching other options for their computer systems. Naturally, a good percentage of them will move to OSX, but with luck the rest will switch to Linux. Perhaps we will see some kind of significant jump in user-base, for once.

I certainly hope Windows 8 is that bad, but as far as I know, Microsoft has far too much money and power to go under--not from one [more] bad Windows version. I'm an idealist, but not an absurd one. Microsoft hasn't been innovative in many years (if it ever was), but it makes money anyway.

Since most LQ users whom I've heard give an opinion on Ubuntu don't seem to like it or the Ubuntu culture, how about an "Ubuntu vs. All Other Distros" thread along the lines of this "Windows vs. Linux" thread? Perhaps there already is one and I haven't seen it yet?
